Hackers urge all EVO 4G owners to root device citing security flaws


Last Updated:

  1. I[E

    I[E Active Member This Topic's Starter

    Joined:
    May 30, 2010
    Messages:
    41
    Likes Received:
    1
     

    Advertisement
  2. Biggest Fro

    Biggest Fro Well-Known Member

    Joined:
    Jan 20, 2010
    Messages:
    182
    Likes Received:
    17
    So, what you are saying is..

    If we root, it makes it easier for hackers to get access to our phone?:confused:

    Not sure if I'm understanding...

    Also, couldn't the "Hackers" just hack into already rooted devices (Ex: Hero)?

    Sounds like a huge hype to get people to not root. I'm calling Bs.

    Also pointing out, this is your first post, and you're already saying there's hackers everywhere.
     
  3. PDong

    PDong New Member

    Joined:
    Jun 4, 2010
    Messages:
    4
    Likes Received:
    0
    The exact opposite actually.

    I read more than the blurb earlier. The unrEVOked guys believe that root does help with the security, but there were still major flaws, that Sprint had access to a lot of data that they really shouldn't, (not that they would use it) but most importantly, a bad app could leave you vulnerable...

    So, their word was, root the device and be very careful what you accept.
     
  4. Android 17

    Android 17 Well-Known Member

    Joined:
    Mar 30, 2010
    Messages:
    575
    Likes Received:
    176
    How exactly does root help with security? I've always read the opposite.
     
    jgangsta likes this.
  5. PDong

    PDong New Member

    Joined:
    Jun 4, 2010
    Messages:
    4
    Likes Received:
    0
    "Mastracci suggests that EVO 4G owners root their device"

    I think it's an idea of you choosing which apps you have, and thereby can send back data. Rooting to remove some bloatware or crapps, or whatever.

    Logically, since it's an open source OS, rooting or not makes no difference to the actual security of the device, except that you could inadvertantly remove a program that's helping to secure it.

    (this is how I understand it)
     
  6. suprmallet

    suprmallet Well-Known Member

    Joined:
    May 30, 2010
    Messages:
    523
    Likes Received:
    312
    Or deliberately remove a program that is making your system unsecure.
     
  7. ab500

    ab500 Active Member

    Joined:
    May 21, 2010
    Messages:
    37
    Likes Received:
    17
    SenseUI is really nasty in the fact that HTC likes to push it into every nook and cranny of the OS, which is one of the reasons why they have such a hard time producing updates in a timely manor.

    It seems they have just left a rather large hole in the device's security. Not good PR for HTC, who insists on Sense being so deeply integrated into the OS, nor Sprint who is opposed to rooting.

    I'm not sure how rooting your phone will make the exploit less likely to happen though, unless after root the superuser elevation dialog pops up and will warn the user if someone is trying to use the exploit.
     
  8. I[E

    I[E Active Member This Topic's Starter

    Joined:
    May 30, 2010
    Messages:
    41
    Likes Received:
    1
    You're right, that's exactly what I said.
    The term "hacker" does not always have a negative connotation.
    Had you bothered to read the article before posting you would have realized that it was about people in the android community trying to help fix security flaws opened by Sprint's customizations.
    The end-user having root access also allows further customization outside of what Sprint wants, like being able to remove carrier apps you'll never use.
    Yesterday's OTA did close up the vulnerabilities the "hackers" warned about, but also blocked the exploit used to root the phone.

    I wasn't saying, "Root the phone and put on your tin-foil hat, hackers are coming!" Just trying to pass on information.
     
  9. sjwaste

    sjwaste Member

    Joined:
    Jun 4, 2010
    Messages:
    17
    Likes Received:
    1
    This sounds like an unqualified statement. They could very well be right, but they offer no explanation, other than "all your base belong to Sprint" unless you root.

    The community could use some PR help. I'm still not sure what to make of this message. Unless someone articulates what the vulnerabilities are, through which avenues my data is exposed, to whom, and how rooting helps me, I'm really not apt to do it.

    They could be right, but they communicate poorly.
     

Share This Page

Loading...